Port Forwarding - Reverse SSH - Source IP

ssh linux firewall

Solution 1:

Server-A = Private IP 192.168.1.1 with Public IP 1.2.3.4 (has direct internet access)
Server-B = 192.168.1.2 (no direct internet access)
Client-PC = Public IP 5.6.7.8  (router's ISP address)

You must get rid of SSH Tunneling in order to achieve your goal. When Client-PC attempts to connect to Server-A, it must be redirected to Server-B on TCP 22. From Server-B perspective, SSH traffic is coming from 5.6.7.8

On the host that is acting as a Linux gateway (Server-A in this case), do the following:

$ sudo echo "1" > /proc/sys/net/ipv4/ip_forward
$ sudo iptables -t nat -A PREROUTING -p tcp -m tcp -d 1.2.3.4 --dport 22 -j DNAT --to-destination 192.168.1.2:22
$ sudo iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

From Server-B, make sure it knows how to send return traffic back to 5.6.7.8

If not, then add a static route on Server-B

$ sudo ip route add default via 192.168.1.1

Related

Safe deleting a LUN in VMware
Dynamic resizing of screen doesn't work in Parallels
How do I get the window jelly effect? [duplicate]
Connecting to Internet using TataPhoton 3G dongle(ZTE MF190) Ubuntu 12.04
Mouse pointer disappears on primary monitor?
Does the kernel also need to be updated if I update the Intel drivers?
Notifications from a website I don't visit on my desktop
Static IP address changed to another static IP address. What needs to be changed?
Old DNS Settings Keeps Coming Back
Canon printer drivers for Ubuntu 15.10
NVIDIA Graphics - resolution problems with new 12.04 LTS installation
Google chrome profile in use; browser does not start anymore